Large data losses in the gaming industry and how to safeguard information going forward.

The gaming industry is no stranger to large data losses. While gamers may not store highly sensitive information in their gaming accounts, hackers can still take advantage of any information they access during the attack. In this article, we’ll talk about three of the biggest security breaches in the gaming industry within the last several years.

77 Million Accounts were Compromised During a Sony Hack

Playing PlayStation online could have had serious consequences for a large number of users a few years ago. In 2011, the Sony Online Entertainment network went offline for more than 4 weeks after hackers accessed the database. Reportedly, hackers were able to steal email addresses and customer names, as well as some credit card data.

Customers outside of the U.S. were hit even harder. The banking and credit card information of approximately 23,000 customers was compromised along with similar information from an outdated database potentially affecting another 12,700 customers located in Austria, Germany, Spain, and the Netherlands.

As a result of these hacks, Sony suspended online games, including EverQuest, Star Wars Galaxies, and Matrix Online while they investigated the security breach.

How will this affect Sony’s customers? Some of them may receive SPAM or phishing emails. Others may see unauthorized activity on their credit cards or bank accounts. However, unlike some sources stated, the hackers were not able to get access to millions of credit card numbers because those were kept in a separate, secure database.

The Aftermath for Sony

Sony expected to spend $170 million as a result of these cyberattacks, but outside companies estimated the cost to be closer to $24 billion. All in all, it took over a month to restore the services offered by the PlayStation Network. The 77 million customers that were affected by the security breach were welcomed back with a package of free services and premium content.

RockYou Hack Affects 32 Million Accounts

The social application site RockYou had to deal with a large security breach in 2009. About 32 million accounts of user were hacked, but that’s not even the worst part of it.

Initially, RockYou tried to downplay the problem and remained silent on the issue. After being taunted by the hacker, they issued a press release but users were never notified nor did RockYou mention the security concern on its blog.

The biggest problem is that RockYou was storing passwords in the Cloud without encrypting them. This means passwords are emailed to users without encryption, and RockYou was also storing the passwords inside their database as plain text. Another problem is that user passwords are insecure to begin with, because they only have to be five characters long and cannot contain punctuation of any kind.

Customers have little ability to protect themselves from a company that doesn’t take security seriously. However, if you ever notice poor security practices, such as emailing passwords in plain text, then that’s a sign you’re dealing with a company that needs to take additional steps to prevent data loss.

1.3 Million Customers Affected by the Hack on SEGA’s Database

In 2011, about 1.3 million customers had their information stolen by a hack on SEGA’s database. On the bright side, Sega’s breach wasn’t anywhere near as troublesome or as far-reaching as Sony’s fiasco earlier that same year.

Nevertheless, hackers were able to steal important information such as names, birth dates, email addresses, and passwords. The good news is that none of the passwords were stored in plain text. As a precaution, SEGA reset the passwords for each customer. Additionally, the company assured affected customers that no credit card or bank account information was compromised.

Why Cybersecurity Remains a Big Concern

While Sony suffered the largest and most severe attack, they weren’t the last. Since then, hackers were able to infiltrate Nintendo and UbiSoft, although to a lesser degree. Needless to say, cybersecurity is still a big concern for every company in the gaming industry.

How Cyber Attacks Could Have Been Prevented

It’s not always clear what exactly each company could have done better to keep the information of their customers safe. But in a case like the attack on RockYou, a company that didn’t bother encrypting user passwords, it’s glaringly obvious. Even when hackers target a particular company such as SEGA, all is not lost. In fact, SEGA customers may not have to deal with any negative consequences because the passwords were properly encrypted.

Where eFileCabinet Stands on Cybersecurity

At eFileCabinet, we take security extremely seriously. Previous attempts of hackers to infiltrate databases and company accounts as described previously ensure that we’ll never stay complacent. Your data is safe with us; we encrypt every file transfer, whether you’re viewing documents online or sending them to someone else. We also encrypt passwords and provide you with secure, role-based user access.

To learn more about our online document management system, fill out the form on this page to start your free 15-minute demo.